New Threat Reports July 28, 2009

With all of it’s advantages, the high profile payment vendor Paypal is often the subject of some very legitimate looking scams and phishing attempts.

No matter what, never click a link that you receive in an email in order to access the Paypal website. That means, never, ever, ever should you click a link and then enter your username and password.

We have just received reports of a large scale phishing scam that involves the perpetrator sending what appears to be official looking Paypal email alerts. The fake email instructs the recipient that a purchase was made with their account.

Obviously this purchase did not really happen. The email goes on to give you instructions on how to dispute the transaction by clicking a link. DO NOT click that link.

What is the problem?
The bad guys are setting up clone websites that appear to be actual financial institutions or payment gateways like Paypal, Wells Fargo, and Bank of America. Once you enter the username and password into their login box, they then have your account information. Their sites look like the real thing, but you won’t realize the fake until it is too late.

What should you do?
If you want to check you account for activity, just type the Paypal or bank url directly into the address bar of your browser. DO NOT click a link and do not do a Google Search for Paypal. If you don’t know the difference between a search and a direct visit, please ask us.

Is Paypal Safe?
We believe that it is very safe if used with common sense and caution. Paypal is an Ebay company and is entrusted with millions of transactions. Their security and protection is top notch. With that being said, you still need to be careful out there.

Feel free to ask any questions. Your money is an important subject and we are here to be of assistance.